how to Escape single quotes with PreparedStatment

Поиск
Список
Период
Сортировка
Hi All,
I'm trying to write a preparedstatement query as below.

    String query=  "SELECT count(*) over () as ROWCOUNT,
CONSUMER_ID,WENEXA_ID,CONSUMER_NAME,CONTACT_NO,residing_village from
db_consumer WHERE (lower(CONSUMER_NAME) LIKE (lower('%"+name+"%'))OR
(lower('" + name + "')='')) AND (lower(RESIDING_VILLAGE) LIKE
(lower('%"+village+"%')) OR (lower('" + village + "')='')) AND
(lower(WENEXA_ID) LIKE (lower('%"+wenexaid+"%'))OR(lower( '" + wenexaid +
"')='')) LIMIT '"+pageLimit+"'OFFSET '"+pageOffset+"'";

                stmt = con.prepareStatement(query);
                rs= stmt.executeQuery();

However , the query fails with postgresql when a double quote is passed into
it.I was under the impression that Prepared statement would take care of the
same . But can anyone explain why I'm getting the error?
Thank you.

--
View this message in context:
http://postgresql.1045698.n5.nabble.com/how-to-Escape-single-quotes-with-PreparedStatment-tp4718287p4718287.html
Sent from the PostgreSQL - jdbc mailing list archive at Nabble.com.

В списке pgsql-jdbc по дате отправления:

Предыдущее
От: Jonas Sundman
Дата:
Сообщение: getTablePrivileges empty if table owned by group role
Следующее
От: dmp
Дата:
Сообщение: Re: how to Escape single quotes with PreparedStatment